Could you please elaborate more on why you think Java is so insecure for your mission-critical computer?

Java, like any application, may have its security holes, but as someone said before, Java is just a process, same as your freecell.exe or your winword.exe, and the capacity for damage it has is the same as the capacity for damage that the user who launches it has.

So, if you run your Java apps as an administrator or as a user with elevated privileges, Java is not the problem, but you!

But, I do not know, please elaborate more.

(If you do not consider Java to be a program (process, application, etc.)... then you are more dangerous for your computer than Java itself.)

Java is an interpreter, and current OS security models are not designed to explicitly support interpreters. For the OS, an interpreter is just a black box executing arbitrary code from the wild.

What this means in turn is that Java may only run code as privileged as the Java interpreter is. So the Java interpreter must run with privileges that are as high as possible. No true OS-level sandboxing is possible.

Which means that the JRE is a huge mass of code (basically reinventing the system API for the sake of portability) running in a highly permissive security environment, without DEP/NX protection. As lots of code is statistically synonymous with lots of bugs/exploits, this is a disaster waiting to happen.

(Of course, if good OS-level support for interpreters were provided one day, the extreme case being an interpreted OS like Singularity, this argument would be void. Also, this is less of a problem for interpreters which maximize use of the system API instead of re-implementing everything, like C#/.NET on Windows.)

(EDIT: And you'll probably say that we don't even use sandboxing for normal user apps currently, making even freecell.exe able to wipe the user's home if exploited. Current desktop security sucks really badly. But to the best of my knowledge, all current OSs have some form of support for apps that voluntarily sandbox themselves, which is probably what you'll want to use on your mission-critical computer.)

Java is an interpreter, and current OS security models are not designed to explicitly support interpreters. For the OS, an interpreter is just a black box executing arbitrary code from the wild.

So is any .EXE file. What's your point? Java does not get a free ride as far as the OS is concerned...

What this means in turn is that Java may only run code as privileged as the Java interpreter is. So the Java interpreter must run with privileges that are as high as possible. No true OS-level sandboxing is possible.

Well... Duh! Its privileges are the same as the user that started the process. In fact, Java doesn't even have process user changing functionality built in. You can run Java in whatever sandbox you may wish. In addition, you may enable Java's security features.

Which means that the JRE is a huge mass of code (basically reinventing the system API for the sake of portability) running in a highly permissive security environment, without DEP/NX protection. As lots of code is statistically synonymous with lots of bugs/exploits, this is a disaster waiting to happen.

Which environment are you talking about? Desktop apps, that are even worse when it comes to security? Applets, that are probably more secure than the browser they run in, in most cases (see number of IE users)?